74701 matches found
The vulnerability of Cloudflare Quiche, a software implementation of the QUIC and HTTP/3 transport protocols, is related to the allocation of resources without limits and allows attackers to cause service interruptions.
The vulnerability of Cloudflare Quiche, a software implementation of the QUIC and HTTP/3 transport protocols, lies in the fact that, because resources are allocated without limits, data is sent at a rate exceeding what the actual path supports. Exploiting this vulnerability can allow a...
The vulnerability of the ovpn-dco-win software driver allows a hacker to trigger a service failure.
The vulnerability of the ovpn-dco-win software driver is related to operations performed outside the bounds of a memory buffer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to carry out cross-site scripting attacks.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to carry out cross-site scripting attacks.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to carry out cross-site scripting attacks.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the rweather library and the crypto-based solutions for organizing tactical radio communications in hard-to-access areas like Meshtastic allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the rweather library and the crypto-based solutions for organizing tactical radio communications in hard-to-access areas like Meshtastic is related to insufficient entropy during key generation. Exploiting this vulnerability allows a remote attacker to compromise the...
The vulnerability of the ABAP Keyword Documentation component of the SAP NetWeaver software integration platform allows attackers to perform cross-site scripting attacks.
The vulnerability of the ABAP Keyword Documentation component in the SAP NetWeaver software integration platform is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability in the embedded web server firmware of TOTOLINK A3002R, A3002RU, A702R, and EX1200T routers allows a hacker to induce a service failure.
The vulnerability in the embedded web server firmware of TOTOLINK A3002R, A3002RU, A702R, and EX1200T routers is related to an operation outside the bounds of a memory buffer when processing the submit-url parameter. Exploiting this vulnerability allows a malicious actor t...
The vulnerability of the software for configuring and setting up devices of the UR series from GE Vernova Enervista UR Setup lies in the use of hard-coded credentials. This allows a malicious individual to influence the integrity of the protected information.
The vulnerability of the software for configuring and setting up devices of the Universal Relay UR series from GE Vernova Enervista UR Setup lies in the use of hard-coded credentials. Exploiting this vulnerability could allow an attacker to influence the integrity of the protected...
The vulnerability of the sub_3C03C function in the firmware of the dual-band Wi-Fi amplifier Netgear EX6200 allows an intruder to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the sub_3C03C function in the firmware of the dual-band Wi-Fi amplifier Netgear EX6200 is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to influence the confidentiality,...
The vulnerability of the qtrr_endpoint_post() function in the net/qrtr/qrtr.c module allows a hacker to trigger a service failure in the Qualcomm IPC kernel of the Linux operating system.
The vulnerability of the qtrr_endpoint_post function in the net/qrtr/qrtr.c module is related to an out-of-bounds buffer read. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the ec_bhfremove() function in the drivers/net/ethernet/ec_bhf.c file allows a hacker to cause a service failure in Linux-based systems with Ethernet network adapters.
The vulnerability of the ec_bhfremove function in the drivers/net/ethernet/ec_bhf.c file, which is part of Linux’s Ethernet network adapter support, stems from the use of previously freed memory (use after free). Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the ucsi_ccg_sync_control() function in the Linux kernel’s driver/us module allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the ucsi_ccg_sync_control function in the drivers/us module of the Linux operating system is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the protected information...
The vulnerability of the software for configuring and setting up Universal Relay (UR) devices from GE Vernova Enervista UR Setup lies in the authentication procedures’ deficiencies, which allow attackers to influence the integrity of the protected information.
The vulnerability of the software for configuring and setting up devices of the Universal Relay UR series from GE Vernova Enervista UR Setup is related to deficiencies in the authentication process. Exploiting this vulnerability could allow attackers to compromise the integrity of the protected...
The vulnerability of AMD’s firmware lies in the use of uninitialized resources, which allows attackers to execute arbitrary code.
The vulnerability of AMD’s firmware lies in the use of uninitialized resources. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of firmware for AMD, Qualcomm, and Imagination allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of firmware for AMD, Qualcomm, and Imagination relates to incorrect input of configuration data. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and availability of protected information...
The vulnerability of the SAP Field Logistics module of the SAP S/4HANA software platform allows a perpetrator to compromise data integrity.
The vulnerability of the SAP Field Logistics module of the SAP S/4HANA software platform is related to errors in handling HTTP requests. Exploiting this vulnerability allows a malicious actor to compromise data integrity from a remote location...
The vulnerability of the firmware of the LB-LINK BL-W1210M router, related to the unencrypted storage of critical information, allows an intruder to gain unauthorized access to the protected information.
The vulnerability of the firmware of the LB-LINK BL-W1210M router lies in the unencrypted storage of critical information. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to the protected information...
The vulnerability of the `easy_uci_set_option_string_0()` function in the `/cgi-bin/lighttpd.cgi` file of the LB-LINK BL-AC3600 router’s firmware allows a hacker to execute arbitrary code.
The vulnerability of the easy_uci_set_option_string_0 function in the /cgi-bin/lighttpd.cgi file of the LB-LINK BL-AC3600 router firmware is related to the lack of measures taken to sanitize data at the management level. Exploiting this vulnerability could allow an attacker operating...
The vulnerability of the zynqmp_dpsub_drm_cleanup() function in the drivers/gpu/drm/xlnx/zynqmp_kms.c module of the Linux kernel allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the zynqmp_dpsub_drm_cleanup function in the drivers/gpu/drm/xlnx/zynqmp_kms.c module of the Linux kernel is related to the use of previously freed memory (use after free). Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the `alloc_flex_gd()` function in the `fs/ext4/resize.c` module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the alloc_flex_gd function in the fs/ext4/resize.c module of the Linux operating system is related to an off-by-one error. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the protected information...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Dante proxy server, related to deficiencies in the authentication mechanism, allows attackers to circumvent existing security restrictions.
The vulnerability of the Dante proxy server is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions remotely...
The vulnerability of the fc_rport_prli_resp() function in the drivers/scsi/libfc/fc_rport.c module of the Linux operating system’s SCSI device support driver allows attackers to compromise the confidentiality and availability of protected information.
The vulnerability of the fc_rport_prli_resp function in the drivers/scsi/libfc/fc_rport.c module of the Linux operating system’s SCSI device support driver is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and availability of...
The vulnerability of the mld_newpack() function in the net/ipv6/mcast.c module of the IPv6 protocol implementation in the Linux operating system allows an attacker to cause a service failure.
The vulnerability of the mld_newpack function in the net/ipv6/mcast.c module of the IPv6 protocol implementation in the Linux operating system is related to improper control of resource identifiers (“resource injection”). Exploiting this vulnerability could allow an attacker to cause a service failu...
The vulnerability of the fmt_single_name() function in the sound/soc/soc-core.c module allows a hacker to cause a service failure in the Linux operating system’s SoC kernel.
The vulnerability of the fmt_single_name function in the sound/soc/soc-core.c module, which is part of the Linux SoC audio support, relates to a NULL pointer dereference. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the check_max_stack_depth() function in the kernel/bpf/verifier.c module, which is part of the BPF interpreter support in the Linux operating system’s kernel, allows a hacker to access protected information or trigger a service failure.
The vulnerability of the check_max_stack_depth function in the kernel/bpf/verifier.c module, which is part of the BPF interpreter support in the Linux operating system, involves reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to access protected informatio...
The vulnerability of the usb_charger_get_property() function in the drivers/usb/common/usb-conn-gpio.c module of the Linux kernel’s USB device support driver allows a hacker to cause a service failure.
The vulnerability of the usb_charger_get_property function in the drivers/usb/common/usb-conn-gpio.c module of the Linux kernel’s USB device support driver is related to a NULL pointer dereference. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the Nomad Module component of the 1E Client software allows a hacker to delete any files on the device.
The vulnerability of the Nomad Module component of the 1E Client software lies in the improper handling of symbolic links before accessing files. Exploiting this vulnerability could allow an attacker to delete any files on the device...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system, related to insufficient validation of input data, allows a hacker to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of GE Vernova Intelligent Electronic Devices (IEDs) of the Universal Relay (UR) series, which stems from insufficient verification of data authenticity, allows intruders to circumvent existing security restrictions.
The vulnerability of GE Vernova Intelligent Electronic Devices IEDs from the UR series is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow unauthorized actors to circumvent existing security restrictions remotely...
The vulnerability of the software for managing and controlling access to corporate resources and IBM Security Verify Governance applications, which stems from weak password requirements, allows attackers to gain unauthorized access to user account information.
The vulnerability of the software for managing and controlling access to corporate resources and applications of IBM Security Verify Governance is related to weak password requirements. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to user accounts...
The vulnerability of the `init_amd_bd()` function in the `arch/x86/kernel/cpu/amd.c` module of the Linux operating system allows an attacker to compromise the confidentiality and availability of the protected information.
The vulnerability of the init_amd_bd function in the arch/x86/kernel/cpu/amd.c module of the Linux operating system is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and availability of the protected...
The vulnerability of the lpfc_issue_els_plogi() function in the drivers/scsi/lpfc/lpfc_els.c module of the Linux operating system’s SCSI device support driver allows a hacker to cause a service failure.
The vulnerability of the lpfc_issue_els_plogi function in the drivers/scsi/lpfc/lpfc_els.c module of the Linux SCSI device support driver is related to a NULL pointer dereference. Exploitation of this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the gfs2_scan_glock_lru() function in the fs/gfs2/glock.c module of the GFS2 file system support in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the gfs2_scan_glock_lru function in the fs/gfs2/glock.c module of the GFS2 file system support in the Linux operating system is related to the use of previously freed memory (use after free). Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the megasas_probe_one() function in the drivers/scsi/megaraid/megaraid_sas_base.c module of the Linux SCSI device support driver allows an attacker to cause a service failure.
The vulnerability of the megasas_probe_one function in the drivers/scsi/megaraid/megaraid_sas_base.c module of the Linux SCSI device driver is related to uncontrolled resource consumption. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the ad7124_of_parse_channel_config() function in the drivers/iio/adc/ad7124.c module of the Linux operating system’s driver for various types of built-in sensors allows a hacker to cause service failures.
The vulnerability of the ad7124_of_parse_channel_config function in the drivers/iio/adc/ad7124.c module of the Linux operating system’s driver for various types of built-in sensors is related to copying buffers without checking the size of the input data (a classic buffer overflow)...
The vulnerability of the nci_core_conn_create() function in the include/net/nfc/nci_core.h module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the nci_core_conn_create function in the include/net/nfc/nci_core.h module of the Linux operating system is related to uncontrolled resource consumption. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the nfs_get_client() function in the fs/nfs/client.c module of the Linux file system support module allows a hacker to cause a service failure.
The vulnerability of the nfs_get_client function in the fs/nfs/client.c module of the Linux file system support module is related to a NULL pointer dereference. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the ipoib_get_size() function in the drivers/infiniband/ulp/ipoib/ipoib_netlink.c module of the Linux operating system’s InfiniBand support driver allows a hacker to cause a service failure.
The vulnerability of the ipoib_get_size function in the drivers/infiniband/ulp/ipoib/ipoib_netlink.c module of the Linux kernel’s InfiniBand support driver is related to a NULL pointer dereference. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the peakpciRemove() function in the drivers/net/can/sja1000/peakpci.c module of the Linux kernel’s CAN device driver support allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the peakpciRemove function in the drivers/net/can/sja1000/peakpci.c module of the Linux kernel’s CAN network device driver is related to the use of previously freed memory (use after free). Exploiting this vulnerability could allow an attacker to compromise the...
The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in access control errors, which allow attackers to bypass existing security restrictions.
The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to access control errors. Exploiting these vulnerabilities can allow attackers to bypass existing security restrictions remotely...
The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B, related to access control errors, allows attackers to escalate their privileges.
The vulnerabilities of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to access control errors. Exploiting these vulnerabilities can allow attackers to escalate their privileges remotely...
The vulnerability of the OData function in the SAP S/4HANA software platform allows attackers to influence the integrity and confidentiality of the protected information.
The vulnerability of the OData function in the SAP S/4HANA software platform is related to cross-site request forgery. Exploiting this vulnerability could allow a malicious actor to influence the integrity and confidentiality of the protected information...
The vulnerability of the websGetVar function in the /goform/set_manpwd file of the LB-LINK firmware allows a hacker to gain full control over the device.
The vulnerability of the websGetVar function in the /goform/set_manpwd file of the LB-LINK firmware exists due to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability can allow a malicious actor, operating...
The vulnerability of the qcom_ebi2_probe() function in the drivers/bus/qcom-ebi2.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the qcom_ebi2_probe function in the drivers/bus/qcom-ebi2.c module of the Linux kernel is related to improper memory release before deleting the last pointer (memory leak). Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the rxe_qp_init_req() function in the drivers/infiniband/sw/rxe/rxe_qp.c module of the Linux kernel’s InfiniBand driver allows an attacker to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the rxe_qp_init_req function in the drivers/infiniband/sw/rxe/rxe_qp.c module of the Linux kernel’s InfiniBand driver is related to the use of previously freed memory (use after free). Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the PostgreSQL PgBouncer connection pool program, related to authentication process flaws, allows attackers to gain unauthorized access to the application.
The vulnerability of the PgBouncer connection pool program in PostgreSQL involves deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to the application...
The vulnerability of the cake_get_tcphdr() function in the net/sched/sch_cake.c module of the network scheduling subsystem of the Linux operating system allows an attacker to cause a service failure.
The vulnerability of the cake_get_tcphdr function in the net/sched/sch_cake.c module of the network scheduling subsystem of the Linux operating system is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the mhipciremove() function in the drivers/bus/mhi/pcigeneric.c module of the MHI bus driver in the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the mhipciremove function in the drivers/bus/mhi/pcigeneric.c module of the MHI driver in the Linux kernel is related to the use of previously freed memory (use after free). Exploiting this vulnerability could allow an attacker to cause a system failure...